(((From the latest RISKS DIGEST.)))
Date: Thu, 4 Sep 2008 18:25:35 -0800
From: Rob Slade
Subject: Worditudinality
Go look up the term rootkit on Wikipedia. (Go ahead, I'll wait.) Lovely entry, isn't it? Lots of information. Trouble is, there's lots of misinformation, too.
A rootkit is *not* "a program ... designed to take fundamental [or] ...
`root' access" for a system. It's designed to *keep* that access, once you broken into the system and grabbed it. (And rootkits were around before
1990, etc, but we'll let that go for the moment.)
Or, at least, it used to be defined that way. Recently, all kinds of people have been redefining what rootkit means, to the point that it may no longer mean anything. (((Oh the sorrow.)))
Wikipedia is a wonderful tool, and the English encyclopedia made with it is a wonderful resource. For the most part. But when you get to the real specialty areas you start running into problems. As John Lawton has pointed out, the irony of the information age is that it has given new respectability to uninformed opinion. And Wikipedia is susceptible to that problem.
Now the Wikipedia people are aware of the problem, and have provided ways to address it. There is the fact that anyone can correct errors, when errors have been made. There are technical controls in terms of limits on changes.
There are administrative controls in the granting of elevated privileges to editors. But occasionally you get a breakdown, such as the fact that an editor can be, him or herself, in error. And then you get entries like the one for rootkit.
But Wikipedia is not what I really want to talk about. I want to talk about words. (((Oh good.))) Specifically, the jargon that we use, and create, in technical fields, and in the field of information security in particular. Because language is kind of like a giant Wikipedia, where anyone at all can make an entry. And anyone at all can try and modify that entry.
Lots of people like to talk about computer security. It's quite likely that more people like to talk about security than actually *do* anything about security. So it's not hard to see that a lot of the people who are talking, and writing, about security often talk about things that, well, they are not quite certain about.
If I say that Alan Turing was a homosexual, I might be right, or I might be wrong. But it would be fairly easy to check whether I was right or wrong.
However, if I say that a Turing Machine is a universal computer because it can be implemented on any computer, I am making a different kind of assertion, and one that it harder to check. Someone who hears me say that, and knows that I'm wrong, might not challenge it immediately, because it's partly right, and the error I've made may not be important to the point that
I'm making. But the people who hear me make that statement, and who do not know why the statement is in error, are probably going to assume and generate various kinds of mistaken ideas about Turing machines. And if I make the statement frequently enough, and in enough different places, it starts being taken as true. And eventually we'll have people saying that a universal computer is any entity that can be implemented on any platform.
Which had nothing at all to do with what Turing was doing and proving.
(((Okay, this is where our knowledgeable geek author goes tragically astray. There is no verbal one-zero on-off switch where Alan Turing can be sharply defined as "homosexual." Being "homosexual" is an inherently cloudy business – just ask the ancient Greeks. Or ask yourself what it means to call Alan Turing "gay," and how much linguistic drift has been associated with that term. Technojargon is absolutely CRAMMED with terms like this, and handing the process to accredited engineers does not help at all. Is the Internet a "net"? Is it a "cloud"? Is it a "highway"? Is it a "protocol"?
Is it even a "series of tubes"?)))
(((You might think that once you drill down a few levels this inchoate situation somehow clarifies, but it doesn't.
Is software a "stack"? Does it "compile"? Is memory "memory"?
Are invoked daemons demonic? In what sense is a "rootkit"
either a "root" or a "kit"?)))
So it is with a number of the specialized terms that we have been using in infosec. A lot of people are getting hold of them, and using them in sloppy ways. (((Oh the humanity.)))
Now, a great many people say that language is living, and you have to make allowances for that growth. Fair enough: much of the vocabulary that we use every day in computer security didn't even exist fifty years ago, so it would be hard to argue the point. However, if the terms can be changed by anyone, at any time, then they lose meaning. If I use the word virus to mean one thing, and you use it to mean something quite different, then we aren't going to come to any agreement. We can't communicate. And, in all of these rapidly changing technical fields, communication is vitally important. (((Okay: but in what sense is the iPhone a "phone"?
The iPhone uses radio and wifi, it is not Alexander Graham Bell's original vocal telegraphy application running on wires. But if you prune the verbal thicket of the Jobs reality distortion field, you don't get an iPhone.)))
(((It's vitally important to communicate, but it may be vitally important to communicate *badly*, or at least in ways that leave some elbow room for maneuver and creative thought.)))
So, in the blort, I just want to regrify you to smetnicate all forms of antrifact.
Yelth you for your fesculiant. (((This is the best part of the essay, because this is what the future really, truly sounds like. It sounds like gibberish by the standards of the past. And it has to. I don't think there's any way to escape this conundrum, and demanding that technicians seize strict control over the definition of technical terms is like denouncing fiat money and demanding a return to the gold standard. Even when it worked, the gold standard didn't work. It can't.)))
victoria.tc.ca/techrev/rms.htm blogs.securiteam.com/index.php/archives/author/p1/
——————————
